On Thu, Jan 25, 2024 at 3:35 PM Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On 2024/01/25 6:50, Kees Cook wrote:
> > Yeah, I was just noticing this. I was over thinking. :) It does look
> > like all that is needed is to remove __FMODE_EXEC.
>
> I worry that some out-of-tree kernel code continues using __FMODE_EXEC for
> opening for non-execve() purpose. If that happened, TOMOYO will be fooled...

I just scrolled through the GitHub code search results for the query
"__FMODE_EXEC -path:fs/exec.c -path:fs/fcntl.c -path:fs/nfs/
-path:security/tomoyo/ -path:security/apparmor/
-path:include/linux/fsnotify.h -path:nfs/dir.c
-path:include/linux/fs.h -path:security/landlock/", and the only place
I saw in there that sets __FMODE_EXEC, other than copies of core
kernel code in weirdly named files, was this one hit in a patch for
the 2.6.39 kernel to add plan9 syscalls:

https://github.com/longlene/clx/blob/fdf996e0c2a7835d61ee827a82146723de76a364/sys-kernel/glendix-sources/files/glendix_2.6.39.patch#L2833

Debian codesearch also doesn't show anything relevant.

So I don't think we have to be particularly worried about that.